CVE-2024-53899 | virtualenv up to 20.26.5 Activation Script command injection (Issue 2768)

Inserito da Angelo Barbosa | Nov 24, 2024 | CVE

A vulnerability classified as critical has been found in virtualenv up to 20.26.5. Affected is an unknown function of the component Activation Script Handler. The manipulation leads to command injection.

This vulnerability is traded as CVE-2024-53899. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-53899 | virtualenv up to 20.26.5 Activation Script command injection (Issue 2768)

Post correlati

CVE-2024-5666 | Extensions for Elementor Plugin up to 2.0.30 on WordPress URL Parameter cross site scripting

CVE-2024-5943 | Nested Pages Plugin up to 3.2.7 on WordPress cross-site request forgery

CVE-2024-7343 | Baidu UEditor 1.4.2 controller.php source[] cross site scripting

CVE-2023-49197 | Apasionados DoFollow Case by Case Plugin up to 3.4.2 on WordPress cross-site request forgery